Packages changed: chrony etcd (3.4.3 -> 3.4.10) fuse3 (3.9.2 -> 3.9.3) libevent (2.1.11 -> 2.1.12) python38 (3.8.4 -> 3.8.5) python38-core (3.8.4 -> 3.8.5) shim-leap (14 -> 15+git47) sssd vim (8.2.1253 -> 8.2.1412) === Details === ==== chrony ==== Subpackages: chrony-pool-openSUSE - Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075) ==== etcd ==== Version update (3.4.3 -> 3.4.10) - Update to version 3.4.10 [CVE-2020-15106][boo#1174951]: * version: 3.4.10 * Documentation: note on data encryption * etcdserver: change protobuf field type from int to int64 (#12000) * pkg: consider umask when use MkdirAll * etcdmain: let grpc proxy warn about insecure-skip-tls-verify * etcdmain: fix shadow error * pkg/fileutil: print desired file permission in error log * pkg: Fix dir permission check on Windows * auth: Customize simpleTokenTTL settings. * mvcc: chanLen 1024 is to biger,and it used more memory. 128 seems to be enough. Sometimes the consumption speed is more than the production speed. * auth: return incorrect result 'ErrUserNotFound' when client request without username or username was empty. * etcdmain: fix shadow error * doc: add TLS related warnings * etcdserver:FDUsage set ticker to 10 minute from 5 seconds. This ticker will check File Descriptor Requirements ,and count all fds in used. And recorded some logs when in used >= limit/5*4. Just recorded message. If fds was more than 10K,It's low performance due to FDUsage() works. So need to increase it. * clientv3: cancel watches proactively on client context cancellation * wal: check out of range slice in "ReadAll", "decoder" * etcdctl, etcdmain: warn about --insecure-skip-tls-verify options * Documentation: note on the policy of insecure by default * etcdserver: don't let InternalAuthenticateRequest have password * auth: a new error code for the case of password auth against no password user * Documentation: note on password strength * etcdmain: best effort detection of self pointing in tcp proxy * Discovery: do not allow passing negative cluster size * wal: fix panic when decoder not set * embed: fix compaction runtime err * pkg: check file stats * etcdserver, et al: add --unsafe-no-fsync flag * version: 3.4.9 * wal: add TestValidSnapshotEntriesAfterPurgeWal testcase * wal: fix crc mismatch crash bug * rafthttp: log snapshot download duration * version: 3.4.8 * rafthttp: improve snapshot send logging * *: make sure snapshot save downloads SHA256 checksum * etcdserver/api/snap: exclude orphaned defragmentation files in snapNames * etcdserver: continue releasing snap db in case of error * etcdserver,wal: fix inconsistencies in WAL and snapshot * cherry pick of #11564 (#11880) * mvcc: fix deadlock bug * auth: optimize lock scope for CheckPassword * auth: ensure RoleGrantPermission is compatible with older versions * etcdserver: print warn log when failed to apply request * auth: cleanup saveConsistentIndex in NewAuthStore * auth: print warning log when error is ErrAuthOldRevision * auth: add new metric 'etcd_debugging_auth_revision' * tools/etcd-dump-db: add auth decoder, optimize print format * *: fix auth revision corruption bug * etcdserver: watch stream got closed once one request is not permitted (#11708) * version: 3.4.7 * wal: add "etcd_wal_writes_bytes_total" * pkg/ioutil: add "FlushN" * test: auto detect branch when finding merge base * mvcc/kvstore:when the number key-value is greater than one million, compact take too long and blocks other requests * version: 3.4.6 * lease: fix memory leak in LeaseGrant when node is follower * version: 3.4.5 * words: whitelist "racey" * Revert "version: 3.4.5" * words: whitelist "hasleader" * version: 3.4.5 * etcdserver/api/v3rpc: handle api version metadata, add metrics * clientv3: embed api version in metadata * etcdserver/api/etcdhttp: log server-side /health checks * proxy/grpcproxy: add return on error for metrics handler * etcdctl: fix member add command * version: 3.4.4 * etcdserver: fix quorum calculation when promoting a learner member * etcdserver: corruption check via http * mvcc/backend: check for nil boltOpenOptions * mvcc/backend: Delete orphaned db.tmp files before defrag * auth: correct logging level * e2e: test curl auth on onoption user * auth: fix NoPassWord check when add user * auth: fix user.Options nil pointer * mvcc/kvstore:fixcompactbug * mvcc: update to "etcd_debugging_mvcc_total_put_size_in_bytes" * mvcc: add "etcd_mvcc_put_size_in_bytes" to monitor the throughput of put request. * clientv3: fix retry/streamer error message * etcdserver: wait purge file loop during shutdown * integration: disable TestV3AuthOldRevConcurrent * etcdserver: remove auth validation loop * scripts/release: list GPG key only when tagging is needed ==== fuse3 ==== Version update (3.9.2 -> 3.9.3) - Update to version 3.9.3 * Minor bugfixes, documentation updates ==== libevent ==== Version update (2.1.11 -> 2.1.12) - Update to 2.1.12 stable * buffer: do not pass NULL to memcpy() from evbuffer_pullup() * http: fix undefined-shift in EVUTIL_IS*_ helpers * Check error code of evhttp_add_header_internal() in evhttp_parse_query_impl() * http: fix EVHTTP_CON_AUTOFREE in case of timeout * evdns: Add additional validation for values of dns options * Fix memory corruption in EV_CLOSURE_EVENT_FINALIZE with debug enabled * increase segment refcnt only if evbuffer_add_file_segment() succeeds * evdns: fix a crash when evdns_base with waiting requests is freed * event_base_once: fix potential null pointer threat * http: do not assume body for CONNECT * evbuffer_add_file: fix freeing of segment in the error path * Fix checking return value of the evdns_base_resolv_conf_parse() * Support EV_CLOSED on linux for poll(2) * Parse IPv6 scope IDs. * evutil_time: detect and use _gmtime64_s()/_gmtime64() * bufferevent: allow setting priority on socket and openssl type * Fix EV_CLOSED detection/reporting * Revert "Warn if forked from the event loop during event_reinit()" ==== python38 ==== Version update (3.8.4 -> 3.8.5) - Update to version 3.8.5: - bpo-39603: Prevent http header injection by rejecting control characters in http.client.putrequest(?). - bpo-41295: Resolve a regression in CPython 3.8.4 where defining ?__setattr__? in a multi-inheritance setup and calling up the hierarchy chain could fail if builtins/extension types were involved in the base types. - bpo-41288: Unpickling invalid NEWOBJ_EX opcode with the C implementation raises now UnpicklingError instead of crashing. - bpo-39017: Avoid infinite loop when reading specially crafted TAR files using the tarfile module (CVE-2019-20907, bsc#1174091). - bpo-37703: Updated Documentation to comprehensively elaborate on the behaviour of gather.cancel() - bpo-41302: Enable building Python 3.8 with libmpdec-2.5.0 to ease maintenance for Linux distributions. Patch by Felix Yan. - bpo-41300: Save files with non-ascii chars. Fix regression released in 3.9.0b4 and 3.8.4. - Few minor fixes for the non-primary-interpreter option found in py3.9 ==== python38-core ==== Version update (3.8.4 -> 3.8.5) Subpackages: libpython3_8-1_0 python38-base - Update to version 3.8.5: - bpo-39603: Prevent http header injection by rejecting control characters in http.client.putrequest(?). - bpo-41295: Resolve a regression in CPython 3.8.4 where defining ?__setattr__? in a multi-inheritance setup and calling up the hierarchy chain could fail if builtins/extension types were involved in the base types. - bpo-41288: Unpickling invalid NEWOBJ_EX opcode with the C implementation raises now UnpicklingError instead of crashing. - bpo-39017: Avoid infinite loop when reading specially crafted TAR files using the tarfile module (CVE-2019-20907, bsc#1174091). - bpo-37703: Updated Documentation to comprehensively elaborate on the behaviour of gather.cancel() - bpo-41302: Enable building Python 3.8 with libmpdec-2.5.0 to ease maintenance for Linux distributions. Patch by Felix Yan. - bpo-41300: Save files with non-ascii chars. Fix regression released in 3.9.0b4 and 3.8.4. - Few minor fixes for the non-primary-interpreter option found in py3.9 ==== shim-leap ==== Version update (14 -> 15+git47) - Update shim to 15+git47-lp152.4.3.1 from openSUSE Leap 15.2 + Version: 15+git47 "Fri Jul 31 07:41:26 UTC 2020" + Use shim-install in the rpm package ==== sssd ==== Subpackages: libsss_certmap0 libsss_idmap0 libsss_nss_idmap0 sssd-krb5-common sssd-ldap - Build sssd's KCM. ==== vim ==== Version update (8.2.1253 -> 8.2.1412) Subpackages: vim-data-common vim-small - Updated to version 8.2.1412, fixes the following problems - refreshed vim-7.4-highlight_fstab.patch * CTRL-K in Insert mode gets inserted. (Roland Puntaier) * MS-Windows: regexp test may fail if 'iskeyword' set wrongly. * Cannot use a lambda with quickfix functions. * Vim9: type wrong after getting dict item in lambda. * Vim9: list unpack doesn't work at the script level. * CursorHold does not work well.a (Shane-XB-Qian) * Empty group in 'tabline' may cause using an invalid pointer. * There is no good test for CursorHold. * Vim9: common type of function not tested. * src/ex_cmds.c file is too big. * Vim9: comperators use 'ignorecase' in Vim9 script. * Terminal getwinpos() test is a bit flaky. * Crash with EXITFREE when split() fails. * Makefile preferences were accidentally included. * Vim9: no error for using double quote comment after :func or :def. * Language and locale code spread out. * Vim9: not skipping over function type declaration with only a return type. * Vim9: Error for Funcref function argument type. * Vim9: type not checked if declaration also assigns value. * Vim9: no error for missing white space in assignment at script level. * Vim9: compiler warning for buffer size. * Tests on Travis do not run with EXITFREE. * Vim9: line break after "->" only allowed in :def function. * Some tests on Travis have EXITFREE duplicated. * Ex command error cannot contain an argument. * The "trailing characters" error can be hard to understand. * Vim9: crash when using CheckScriptFailure() in Test_vim9script_call_fail_decl(). * Vim9: error for misplaced -> lacks argument. * Vim9: skipping over type includes following white space, leading to an error for missing white space. * Vim9: argument types are not checked on assignment. * Vim9: No error when using a type to a window variable * Vim9: crash when using an imported function. * Vim9: cannot use mark in range. * Crash when using a custom completion function. * Vim9: cannot replace a global function. * Vim9: type of varargs items is not checked. * AIDL filetype not recognized. * Vim9: :execute mixes up () expression and function call. * Vim9: error when using vim9script in TextYankPost. * Tests 44 and 99 are old style. * Some part of using 'smarcase' was not tested. * When a test fails it's often not easy to see what the call stack is. * Compiler warning for unused argument in small version. * Compiler warning for using size_t for int and void pointer. * Vim9: optional argument type not parsed properly. * Vim9: varargs argument type not parsed properly. * Vim9: varargs arg after optional arg does not work * Calling popup_setoptions() resets 'signcolumn'. * Debug backtrace isn't tested much. * Some tests are still old style. * Checking for first character of dict key is inconsistent. * popup window width does not include number, fold of sign column width. * Vim9: accidentally using "x" causes Vim to exit. * Build failure with tiny version. * Configure with Xcode 12 fails to check for tgetent. * Test failures with legacy Vim script. * Vim9 script: cannot assign to environment variable. * Vim9: rule for comment after :function is confusing. * Vim9: cannot declare some single letter variables. * Vim9: method on double quoted string doesn't work. * Vim9: invalid operators only rejected in :def function. * Vim9: line break after "=" does not work. * Vim9: using Vim9 script for autaload not tested. * Vim9: skipping over white space after list. * No space allowed before comma in list. * Vim9: cannot define global function inside :def function. * Vim9: :echo with two lists doesn't work. * Vim9: memory leak when using nested global function. * Vim9: memory leak when using nested global function. * Github workflow timeout needs tuning * CTRL-C in the GUI doesn't interrupt. (Sergey Vlasov) * Build failure on non-Unix systems. * Vim9: cannot use empty key in dict assignment. * Vim9: assigning to script-local variable doesn't check type. * Vim9: assigning to global dict variable doesn't work. * Some tests fail on Cirrus CI and/or with FreeBSD. * Build failures. * Vim9: accidentally using "x" gives a confusing error. * Vim9: cannot find global function when using g: when local function with the same name exists. * Vim9: No test for trying to redefine global function. * Redraw error when using visual block and scroll. * Small build fails. * Cannot easily get the script ID. * Build failure without the eval feature. * Vim9: can define a function with the name of an import. * Vim9: no test for error message when redefining function. * Vim9: no proper error if using namespace for nested function. * Vim9: no error for shadowing a script-local function by a nested function. * Crash when drawing double-wide character in terminal window. (Masato Nishihata) * Vim9: no error using :let for options and registers. * Vim9: cannot get the percent register. * Vim9: cannot assign to / register. * Vim9: test fails with +dnd is not available. * Vim9: cannot assign to / register in Vim9 script. * Stray error for white space after expression. * Error for white space after expression in assignment. * Last entry of ":set term=xxx" overwritten by error message when 'cmdheight' is two or more. (Tony Mechelynck) * Test trying to run terminal when it is not supported. * Invalid memory access when searching for raw string. * Vim9: no error for missing white space around operator. * Test 49 is old style. * Vim9: no error for missing white space around operator. * Vim9: no error for assigning to non-existing script var. * Vim9: error for assigning empty list to script variable. * Vim9: method name with digit not accepted. * Vim9: expression mapping causes error for using :import. * Triggering the ATTENTION prompt causes typeahead to be messed up. * Cannot put space between function name and paren. * Curly braces expression ending in " }" does not work. * Vim9: return type of getreg() is always a string. * Vim9: using :import in filetype plugin gives an error. * Test 49 is old style. * No ATTENTION prompt for :vimgrep first match file. * No testing on ARM. * Backslash not removed afer space in option with space in 'isfname'. * Vim9: cannot assign to single letter variable with type. * Vim9: += only works for numbers. * File missing from the distribution. * Vim9: type error after storing an option value. * Vim9: no error for shadowing a script function. * Vim9: error line number incorrect after skipping over comment lines. * Insufficient testing for script debugging. * Vim9: compiling a function interferes with command modifiers. * Vim9: no error if declaring a funcref with a lower case letter. * Vim9: no error for unexpectedly returning a value. * Vim9: return type of maparg() not adjusted for fourth argument. * Autoload script sourced twice if sourced directly. * Vim9: may find imported item in wrong script. * Vim9: test does not delete written files. * Cannot jump to the last used tabpage. * s390x tests always fail. * Vim9: Vim highlighting fails in cmdline window if it uses Vim9 commands. * Vim9: script test fails in the GUI. * Vim9: vim9compile.c is getting too big. * Popupwindow lacks scrollbar if no "maxheight" is used. * Vim9: type of list and dict only depends on first item. * Vim9: type casting not supported. * Nmpmrc and php.ini filetypes not recognized. * Adding compiler plugin requires test change. * when splitting a window localdir is copied but prevdir is not. * Vim: not operator does not result in boolean.